Bitcoin Guides


Bitcoin blockchain technology: Graftroot

Graftroot is a soft-fork update to the Bitcoin blockchain implementation that allows for additional multisig functionality

Graftroot is a soft-fork update to the Bitcoin blockchain implementation that allows for additional multisig functionality, allowing for future conditions to be met based on preconceived parameters. If this sounds like smart contracts, that’s because, in essence, that’s what I’m describing.

In order for this technology to work properly, Schnorr signatures need to be implemented beforehand, as well as Taproot. Graftroot builds on Taproot by giving users the opportunity to delegate the ability to spend the transaction.

Also, as explained in this article, Schnorr is critical for Graftroot and extremely powerful for the privacy of Bitcoin because it allows users to create multisig transactions and even complex coin-join transactions that simply look like everyday normal transactions. This makes it difficult for chain analysis companies to analyse the inbound/outbound flows of coins in transactions.

With Graftroot, the multisig participants can sign the scripts they would like to use in their stead, which essentially creates a more space-efficient blockchain, or MAST.

Simply put, a MAST is a data structure that combines Merkle Trees – the ability to prove some information of a given data set without showing the entirety of the set – with ASTs (or abstract syntax trees) that add logic to transactions by allowing the user to split a program into its individual parts.

By combining their signatures, developers are making better use of blockchain space. Without this technology, Bitcoin multisig transactions essentially take up a lot more space, as signatures cannot be aggregated and logic cannot be added to just one transaction.

How Graftroot works

According to the BIP proposal by Bitcoin developer Greg Maxwell, Graftroot works as follows:

“With Graftroot, the participants establish a threshold key, just as they do with Taproot. At any time, they can delegate their ability to sign to a surrogate script by signing that script (and just the script) with their Taproot key, and sharing that delegation with whomever they choose. Later, when it comes time to spend the coin, if the signers aren’t available and the script must be used, the redeeming party does whatever is required to satisfy the script (e.g. provides their own signature and a timelock) and presents that information along with the signer’s signature of the script.”

The result is that instead of allowing for only one single alternative, an unlimited number of alternatives can be provided. All are executed with equal efficiency to a single alternative, and the number is hidden without overhead. Alternatives can be provided for existing coins too, without the need to move them – movement is only required to destroy the ability to use alternatives by changing keys.

Are there any issues with Graftroot?

As with most technologies, there’s always a downside to every new advancement. One disadvantage of Graftroot is that the signed script needs to be safely stored in order to redeem the transaction. Users also need to be extra careful with key reuse as the owner of the UTXO can reissue a new signature at any time, bypassing the restrictions of the script.

Still, even though there are some limitations with Graftroot, the improvements it brings to the Bitcoin network in terms of functionality and scalability are worth a try, at least in my opinion. If we can add extra logic to transactions and at the same time not increase the block size, that would be a great achievement for Bitcoin.

Will it be successful? Only time will tell.

Disclaimer: The views and opinions expressed by the author should not be considered as financial advice. We do not give advice on financial products.